From 68df1f9034a215bc45e9a3939162aeb85ceae2f4 Mon Sep 17 00:00:00 2001
From: Paul Greenberg
Date: Tue, 19 Mar 2024 21:20:15 -0400
Subject: [PATCH] feature: add u2f registration to profile api
---
 ...pi_fetch_user_uni_sec_factor_reg_params.go | 55 +++++++++++++++++++
 pkg/authn/handle_api_profile.go | 3 +
 2 files changed, 58 insertions(+)
 create mode 100644 pkg/authn/api_fetch_user_uni_sec_factor_reg_params.go
diff --git a/pkg/authn/api_fetch_user_uni_sec_factor_reg_params.go b/pkg/authn/api_fetch_user_uni_sec_factor_reg_params.go
new file mode 100644
index 0000000..33f223f
--- /dev/null
+++ b/pkg/authn/api_fetch_user_uni_sec_factor_reg_params.go
@@ -0,0 +1,55 @@
+// Copyright 2024 Paul Greenberg greenpau@outlook.com
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package authn
+
+import (
+ "context"
+ "net/http"
+
+ "github.com/greenpau/go-authcrunch/pkg/ids"
+ "github.com/greenpau/go-authcrunch/pkg/requests"
+ "github.com/greenpau/go-authcrunch/pkg/user"
+ "github.com/greenpau/go-authcrunch/pkg/util"
+)
+
+// FetchUserUniSecFactorRegParams fetches U2F authenticator registration parameters.
+func (p *Portal) FetchUserUniSecFactorRegParams(
+ ctx context.Context,
+ w http.ResponseWriter,
+ r *http.Request,
+ rr *requests.Request,
+ parsedUser *user.User,
+ resp map[string]interface{},
+ usr *user.User,
+ backend ids.IdentityStore,
+ bodyData map[string]interface{}) error {
+
+ params := make(map[string]interface{})
+ params["challenge"] = util.GetRandomStringFromRange(64, 92)
+ params["rp_name"] = "AuthCrunch"
+ // params["rp_id"] = "auth.authcrunch.com"
+ params["user_id"] = usr.Claims.ID
+ params["user_name"] = usr.Claims.Email
+ params["user_verification"] = "discouraged"
+ params["attestation"] = "direct"
+ if usr.Claims.Name == "" {
+ params["user_display_name"] = usr.Claims.Subject
+ } else {
+ params["user_display_name"] = usr.Claims.Name
+ }
+
+ resp["entry"] = params
+ return handleAPIProfileResponse(w, rr, http.StatusOK, resp)
+}
diff --git a/pkg/authn/handle_api_profile.go b/pkg/authn/handle_api_profile.go
index 224a5f5..bdbe415 100644
--- a/pkg/authn/handle_api_profile.go
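Review bot: The challenge created at `params["challenge"] = util.GetRandomStringFromRange(64, 92)` is only written into the response; nothing in FetchUserUniSecFactorRegParams records it against the user or session, so the handler that later accepts the registration has no issued value to compare with and cannot reject a replayed or client-chosen challenge. Unless that binding happens in code outside this patch, store the challenge server-side with a short expiry and single use, and add a comment above the line such as `// challenge must be persisted per user and verified once when the registration is submitted`. It is also worth confirming that util.GetRandomStringFromRange draws from a cryptographic random source, which this diff does not show. Separately, `attestation` is fixed to "direct" and `user_verification` to "discouraged" while `rp_id` is commented out; the function's doc comment should say why these values are hard-coded, since they set the assurance level of every key registered through this API.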
+++ b/pkg/authn/handle_api_profile.go
@@ -115,6 +115,7 @@ func (p *Portal) handleAPIProfile(ctx context.Context, w http.ResponseWriter, r
 case "delete_user_gpg_key":
 case "test_user_gpg_key":
 case "add_user_gpg_key":
+ case "fetch_user_u2f_reg_params":
 default:
 resp["message"] = "Profile API received unsupported request type"
 return handleAPIProfileResponse(w, rr, http.StatusBadRequest, resp)
@@ -174,6 +175,8 @@ func (p *Portal) handleAPIProfile(ctx context.Context, w http.ResponseWriter, r
 return p.TestUserAppMultiFactorVerifier(ctx, w, r, rr, parsedUser, resp, usr, backend, bodyData)
 case "add_user_app_multi_factor_authenticator":
 return p.AddUserAppMultiFactorVerifier(ctx, w, r, rr, parsedUser, resp, usr, backend, bodyData)
+ case "fetch_user_u2f_reg_params":
+ return p.FetchUserUniSecFactorRegParams(ctx, w, r, rr, parsedUser, resp, usr, backend, bodyData)
 case "fetch_user_api_keys":
 return p.FetchUserAPIKeys(ctx, w, r, rr, parsedUser, resp, usr, backend)
 case "fetch_user_api_key":